Closed jgelmann-sandc closed 5 months ago
@jgelmann-sandc Could you kindly run ./bin/trustm_chipinfo to read out the chip info and paste the output here? Thanks.
@jgelmann-sandc For your information, we tested the scripts with Host OS and Version: Ubuntu 22.04.4 LTS aarch64 Kernel: 5.15.0-1050-raspi Environment OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022) It works. Please capture the output for chipinfo and let us know. Thanks
Here is the chipinfo:
========================================================
CIM Identifier [bCimIdentifer]: 0xcd
Platform Identifer [bPlatformIdentifier]: 0x16
Model Identifer [bModelIdentifier]: 0x33
ID of ROM mask [wROMCode]: 0x8401
Chip Type [rgbChipType]: 0x00 0x1c 0x00 0x01 0x00 0x00
Batch Number [rgbBatchNumber]: 0x0a 0x09 0x1b 0x5c 0x00 0x0b
X-coordinate [wChipPositionX]: 0x003c
Y-coordinate [wChipPositionY]: 0x0066
Firmware Identifier [dwFirmwareIdentifier]: 0x80101071
Build Number [rgbESWBuild]: 08 09
Chip software build:
OPTIGA(TM) Trust M rev.1; Firmware Version: 1.30.809
========================================================
Let me know what other info you need.
@jgelmann-sandc Thanks for your info. From the chipinfo, I can see the IC with you is Trust M V1 and the chip I used for testing is Trust M V3. Let me do further investigation with Trust M V1 and will let you know very soon.
@jgelmann-sandc I saw the same issue with V1. Will try to resolve it ASAP and update you. Thanks.
Hi @jgelmann-sandc We already resolved the issue and updated the code. The code is tested with Trust M V1/V3 RSA/ECC sign and verify function. Please try at your side and let me know whether it is ok now. Thanks.
Scripts seem to run as expected, thanks for your support.
Prerequisites
Can you reproduce the problem reliably? yes
Did you check current release notes for known issues? yes
If this is not the latest release, have you checked newer releases? yes
Description:
When running the trustm provider scripts located under
linux-optiga-trust-m/provider-scripts/rsa_keygen_and_sign
there are errors when getting to step 3 (signing).Steps to Reproduce:
Install provider and lib according to the
README.md
usingprovider_installation_script.sh
Navigate to
provider-scripts/rsa_keygen_and_sign
Run
step_1_cleanup.sh
Run
step_2_gen_rsa_key.sh
Run
step_3_sign.sh
Observe
Public Key operation error
output from thestep_3_sign.sh
scriptExpected Result: Signing works and the signature is written to a file by the script.
Actual Result: Signing fails with an error. Upon further inspection and debugging, the error is due to the trust m returning the 0x8005 error, which means "Invalid parameter in data field." This seems to in turn be due to
static void *trustm_signature_dupctx(void *ctx)
not correctly duplicating the context, as illustrated by these debug prints I put at the end of the function below:Frequency (1/1, 1/50, 1/100):
1/1
Build/Commit:
e38c2c477712d68a1b44eff4956d18254beb4e51
Target:
Raspberry pi 4b with adafruit trust m breakout board https://www.adafruit.com/product/4351
Host OS and Version:
Ubuntu 22.04.4 LTS aarch64 Kernel: 5.15.0-1053-raspi
Compiler:
gcc (Ubuntu 11.4.0-1ubuntu1~22.04) 11.4.0
Environment
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)